Providing practical examples since 1998

Things look quiet here. But I've been doing a lot of blogging at
dan.langille.org because I prefer WordPress now.
Not all my posts there are FreeBSD related.
I am in the midst of migrating The FreeBSD Diary over to WordPress
(and you can read about that here).
Once the migration is completed, I'll move the FreeBSD posts into the
new FreeBSD Diary website.

IP Filter 3.3.4 was released today. This article merely documents that
fact and describes how I installed it under FreeBSD 3.3-release. These instructions
should work for all subsequent versions of IP Filter. If they do not, please add your comments.

NOTE:
version 3.3.4 is no longer available. At the time of writing, I was on 3.4.1.

NOTE: IP Filter version 3.3.3 has been added to 3.3-stable I believe.
It's in the ports under /src/contrib I think. I've tried the port and it
fails. Feel free to give it a go. You may have to update
your ports in order to get the correct version. If it fails for you, try the
steps in this article.

Remember, I have the entire ports
tree installed. If you use the port, you may be able to skip to Configuration. Please note that I have not installed IP
Filter from the ports, so I'm not sure the following notes will work or not.

NOTE: version 3.3.4 is no longer available. At the time of writing, I was on
3.3.6.

Installing

To use ipf, you first compile ipf, and then create a new kernel
which includes the ipf options. In addition, I always use ipnat in
conjunction with ipf. In order for ipnat to work, you must include
the kernel options for ipnat. Be sure to do this
before you recompile the kernel to include ipf.

To compile ipf 3.3.4,
follow the instructions included with the tarball. Here's what they look like: